Sample code for 30+ languages & platforms
Delphi DLL

Examine KeyInfo Certificate in XML Signature

See more XML Digital Signatures Examples

This example loads signed XML and gets the signing certificate, assuming the certificate is contained in X509Certificate within the KeyInfo.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, StringBuilder, Xml, XmlDSig, Cert;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
dsig: HCkXmlDSig;
sbXml: HCkStringBuilder;
xmlKeyInfo: HCkXml;
certBase64: PWideChar;
cert: HCkCert;

begin
success := False;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

dsig := CkXmlDSig_Create();
sbXml := CkStringBuilder_Create();

success := CkStringBuilder_LoadFile(sbXml,'c:/aaworkarea/elias/3/face_f09006808443a699d1b.xml','utf-8');
if (success <> True) then
  begin
    Memo1.Lines.Add('Failed to load XML file.');
    Exit;
  end;

success := CkXmlDSig_LoadSignatureSb(dsig,sbXml);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkXmlDSig__lastErrorText(dsig));
    Exit;
  end;

// Get the KeyInfo XML.
xmlKeyInfo := CkXmlDSig_GetKeyInfo(dsig);
if (CkXmlDSig_getLastMethodSuccess(dsig) <> True) then
  begin
    Memo1.Lines.Add(CkXmlDSig__lastErrorText(dsig));
    Exit;
  end;

Memo1.Lines.Add(CkXml__getXml(xmlKeyInfo));
Memo1.Lines.Add('----');

// Assuming the X509Certificate is in the KeyInfo, it will look like this:

//   <ds:KeyInfo Id="...">
//     <ds:KeyValue>
//     ...  
//     <ds:X509Data>
//       <ds:X509Certificate>MIIHAz...</ds:X509Certificate>
//     </ds:X509Data>
//   </ds:KeyInfo>
certBase64 := CkXml__getChildContent(xmlKeyInfo,'*:X509Data|*:X509Certificate');
if (CkXml_getLastMethodSuccess(xmlKeyInfo) <> True) then
  begin
    Memo1.Lines.Add('No X509Certificate found in the KeyInfo.');
    Exit;
  end;

// Load a certificate object w/ the base64.
cert := CkCert_Create();
success := CkCert_LoadFromBase64(cert,certBase64);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(cert));
    Exit;
  end;

// Examine the cert..
Memo1.Lines.Add('SubjectDN: ' + CkCert__subjectDN(cert));
Memo1.Lines.Add('IssuerDN: ' + CkCert__issuerDN(cert));
Memo1.Lines.Add('SerialNumber as Decimal: ' + CkCert__serialDecimal(cert));

CkXml_Dispose(xmlKeyInfo);

CkXmlDSig_Dispose(dsig);
CkStringBuilder_Dispose(sbXml);
CkCert_Dispose(cert);

end;